Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2
Typedeb
Namespacedebian
Namepoppler
Version25.03.0-5+deb13u2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version25.03.0-11.1
Latest_non_vulnerable_version25.03.0-11.1
Affected_by_vulnerabilities
0
url VCID-a8zz-dfdm-1uf7
vulnerability_id VCID-a8zz-dfdm-1uf7
summary poppler: Poppler stack overflow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43718.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43718.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-43718
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.00727
published_at 2026-04-02T12:55:00Z
1
value 8e-05
scoring_system epss
scoring_elements 0.00755
published_at 2026-04-21T12:55:00Z
2
value 8e-05
scoring_system epss
scoring_elements 0.00719
published_at 2026-04-09T12:55:00Z
3
value 8e-05
scoring_system epss
scoring_elements 0.00716
published_at 2026-04-11T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.0071
published_at 2026-04-13T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00708
published_at 2026-04-16T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00713
published_at 2026-04-18T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00724
published_at 2026-04-04T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00729
published_at 2026-04-07T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00728
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-43718
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43718
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117046
reference_id 1117046
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117046
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2400893
reference_id 2400893
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2400893
6
reference_url https://github.com/ShadowByte1/CVE-Reports/blob/main/CVE-2025-43718.md
reference_id CVE-2025-43718.md
reference_type
scores
0
value 2.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:15:35Z/
url https://github.com/ShadowByte1/CVE-Reports/blob/main/CVE-2025-43718.md
7
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/commit/f54b815672117c250420787c8c006de98e8c7408
reference_id f54b815672117c250420787c8c006de98e8c7408
reference_type
scores
0
value 2.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:15:35Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/commit/f54b815672117c250420787c8c006de98e8c7408
8
reference_url https://access.redhat.com/errata/RHSA-2026:7364
reference_id RHSA-2026:7364
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7364
9
reference_url https://usn.ubuntu.com/7803-1/
reference_id USN-7803-1
reference_type
scores
url https://usn.ubuntu.com/7803-1/
fixed_packages
0
url pkg:deb/debian/poppler@25.03.0-11.1
purl pkg:deb/debian/poppler@25.03.0-11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1
aliases CVE-2025-43718
risk_score 1.8
exploitability 0.5
weighted_severity 3.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8zz-dfdm-1uf7
1
url VCID-yy6j-1h5z-wbgp
vulnerability_id VCID-yy6j-1h5z-wbgp
summary poppler: Use-After-Free in StructTreeRoot class
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52885.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52885.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-52885
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.0662
published_at 2026-04-02T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06796
published_at 2026-04-21T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.06694
published_at 2026-04-08T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06728
published_at 2026-04-09T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06727
published_at 2026-04-11T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.0672
published_at 2026-04-12T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.06713
published_at 2026-04-13T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06648
published_at 2026-04-16T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06639
published_at 2026-04-18T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.06664
published_at 2026-04-04T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.06644
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-52885
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52885
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52885
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117853
reference_id 1117853
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117853
5
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884
reference_id 1884
reference_type
scores
0
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T14:59:44Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884
6
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884#note_3114334
reference_id 1884#note_3114334
reference_type
scores
0
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T14:59:44Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884#note_3114334
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2403224
reference_id 2403224
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2403224
8
reference_url https://securitylab.github.com/advisories/GHSL-2025-042_poppler/
reference_id GHSL-2025-042_poppler
reference_type
scores
0
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T14:59:44Z/
url https://securitylab.github.com/advisories/GHSL-2025-042_poppler/
9
reference_url https://access.redhat.com/errata/RHSA-2026:7364
reference_id RHSA-2026:7364
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7364
10
reference_url https://usn.ubuntu.com/7858-1/
reference_id USN-7858-1
reference_type
scores
url https://usn.ubuntu.com/7858-1/
fixed_packages
0
url pkg:deb/debian/poppler@25.03.0-11.1
purl pkg:deb/debian/poppler@25.03.0-11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1
aliases CVE-2025-52885
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yy6j-1h5z-wbgp
Fixing_vulnerabilities
0
url VCID-48d5-zxmm-r3g4
vulnerability_id VCID-48d5-zxmm-r3g4
summary An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-50420
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16103
published_at 2026-04-08T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.16224
published_at 2026-04-04T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.16163
published_at 2026-04-02T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.16017
published_at 2026-04-07T12:55:00Z
4
value 0.00056
scoring_system epss
scoring_elements 0.17679
published_at 2026-04-12T12:55:00Z
5
value 0.00056
scoring_system epss
scoring_elements 0.17583
published_at 2026-04-18T12:55:00Z
6
value 0.00056
scoring_system epss
scoring_elements 0.17575
published_at 2026-04-16T12:55:00Z
7
value 0.00056
scoring_system epss
scoring_elements 0.17707
published_at 2026-04-09T12:55:00Z
8
value 0.00056
scoring_system epss
scoring_elements 0.17725
published_at 2026-04-11T12:55:00Z
9
value 0.00056
scoring_system epss
scoring_elements 0.17628
published_at 2026-04-13T12:55:00Z
10
value 0.0006
scoring_system epss
scoring_elements 0.18676
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-50420
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50420
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50420
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110463
reference_id 1110463
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110463
4
reference_url https://github.com/Landw-hub/CVE-2025-50420
reference_id CVE-2025-50420
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-04T19:38:23Z/
url https://github.com/Landw-hub/CVE-2025-50420
5
reference_url http://freedesktop.com
reference_id freedesktop.com
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-04T19:38:23Z/
url http://freedesktop.com
6
reference_url http://poppler.com
reference_id poppler.com
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-04T19:38:23Z/
url http://poppler.com
7
reference_url https://usn.ubuntu.com/7708-1/
reference_id USN-7708-1
reference_type
scores
url https://usn.ubuntu.com/7708-1/
fixed_packages
0
url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2
purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a8zz-dfdm-1uf7
1
vulnerability VCID-yy6j-1h5z-wbgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2
aliases CVE-2025-50420
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-48d5-zxmm-r3g4
1
url VCID-anb3-1s96-wbaq
vulnerability_id VCID-anb3-1s96-wbaq
summary poppler: SignatureValue not checked within SignerInfo
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43903.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43903.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-43903
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.13033
published_at 2026-04-02T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.12901
published_at 2026-04-21T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.12894
published_at 2026-04-13T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.12797
published_at 2026-04-16T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.128
published_at 2026-04-18T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.13085
published_at 2026-04-04T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12885
published_at 2026-04-07T12:55:00Z
7
value 0.00042
scoring_system epss
scoring_elements 0.12963
published_at 2026-04-08T12:55:00Z
8
value 0.00042
scoring_system epss
scoring_elements 0.13014
published_at 2026-04-09T12:55:00Z
9
value 0.00042
scoring_system epss
scoring_elements 0.12974
published_at 2026-04-11T12:55:00Z
10
value 0.00042
scoring_system epss
scoring_elements 0.12938
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-43903
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43903
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103545
reference_id 1103545
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103545
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2361067
reference_id 2361067
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2361067
6
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669
reference_id f1b9c830f145a0042e853d6462b2f9ca4016c669
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T02:50:50Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669
7
reference_url https://usn.ubuntu.com/7471-1/
reference_id USN-7471-1
reference_type
scores
url https://usn.ubuntu.com/7471-1/
fixed_packages
0
url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2
purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a8zz-dfdm-1uf7
1
vulnerability VCID-yy6j-1h5z-wbgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2
aliases CVE-2025-43903
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-anb3-1s96-wbaq
2
url VCID-ygrf-gq35-fkfd
vulnerability_id VCID-ygrf-gq35-fkfd
summary Multiple vulnerabilities have been discovered in Poppler, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52886.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52886.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-52886
reference_id
reference_type
scores
0
value 0.00091
scoring_system epss
scoring_elements 0.25732
published_at 2026-04-02T12:55:00Z
1
value 0.00091
scoring_system epss
scoring_elements 0.25579
published_at 2026-04-16T12:55:00Z
2
value 0.00091
scoring_system epss
scoring_elements 0.25577
published_at 2026-04-13T12:55:00Z
3
value 0.00091
scoring_system epss
scoring_elements 0.25634
published_at 2026-04-12T12:55:00Z
4
value 0.00091
scoring_system epss
scoring_elements 0.25675
published_at 2026-04-11T12:55:00Z
5
value 0.00091
scoring_system epss
scoring_elements 0.25663
published_at 2026-04-09T12:55:00Z
6
value 0.00091
scoring_system epss
scoring_elements 0.25616
published_at 2026-04-08T12:55:00Z
7
value 0.00091
scoring_system epss
scoring_elements 0.25774
published_at 2026-04-04T12:55:00Z
8
value 0.00091
scoring_system epss
scoring_elements 0.25543
published_at 2026-04-07T12:55:00Z
9
value 0.00098
scoring_system epss
scoring_elements 0.26937
published_at 2026-04-21T12:55:00Z
10
value 0.00098
scoring_system epss
scoring_elements 0.26973
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-52886
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52886
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52886
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/commit/04bd91684ed41d67ae0f10cde0660e4ed74ac203
reference_id 04bd91684ed41d67ae0f10cde0660e4ed74ac203
reference_type
scores
0
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:59:12Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/commit/04bd91684ed41d67ae0f10cde0660e4ed74ac203
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108784
reference_id 1108784
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108784
6
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581
reference_id 1581
reference_type
scores
0
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:59:12Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581
7
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1828
reference_id 1828
reference_type
scores
0
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:59:12Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1828
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2375930
reference_id 2375930
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2375930
9
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8d6547a3464ff46e5
reference_id ac36affcc8486de38e8905a8d6547a3464ff46e5
reference_type
scores
0
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:59:12Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8d6547a3464ff46e5
10
reference_url https://securitylab.github.com/advisories/GHSL-2025-054_poppler/
reference_id GHSL-2025-054_poppler
reference_type
scores
0
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:59:12Z/
url https://securitylab.github.com/advisories/GHSL-2025-054_poppler/
11
reference_url https://security.gentoo.org/glsa/202509-01
reference_id GLSA-202509-01
reference_type
scores
url https://security.gentoo.org/glsa/202509-01
12
reference_url https://usn.ubuntu.com/7675-1/
reference_id USN-7675-1
reference_type
scores
url https://usn.ubuntu.com/7675-1/
13
reference_url https://usn.ubuntu.com/7687-1/
reference_id USN-7687-1
reference_type
scores
url https://usn.ubuntu.com/7687-1/
fixed_packages
0
url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2
purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a8zz-dfdm-1uf7
1
vulnerability VCID-yy6j-1h5z-wbgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2
aliases CVE-2025-52886
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ygrf-gq35-fkfd
3
url VCID-yyxy-juya-a3f1
vulnerability_id VCID-yyxy-juya-a3f1
summary poppler: pdfinfo: crash in broken documents when using -dests parameter
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6239.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6239.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6239
reference_id
reference_type
scores
0
value 0.00127
scoring_system epss
scoring_elements 0.32049
published_at 2026-04-21T12:55:00Z
1
value 0.00127
scoring_system epss
scoring_elements 0.32065
published_at 2026-04-13T12:55:00Z
2
value 0.00127
scoring_system epss
scoring_elements 0.32099
published_at 2026-04-16T12:55:00Z
3
value 0.00127
scoring_system epss
scoring_elements 0.32076
published_at 2026-04-18T12:55:00Z
4
value 0.00127
scoring_system epss
scoring_elements 0.32188
published_at 2026-04-02T12:55:00Z
5
value 0.00127
scoring_system epss
scoring_elements 0.32226
published_at 2026-04-04T12:55:00Z
6
value 0.00127
scoring_system epss
scoring_elements 0.32051
published_at 2026-04-07T12:55:00Z
7
value 0.00127
scoring_system epss
scoring_elements 0.32102
published_at 2026-04-08T12:55:00Z
8
value 0.00127
scoring_system epss
scoring_elements 0.32131
published_at 2026-04-09T12:55:00Z
9
value 0.00127
scoring_system epss
scoring_elements 0.32135
published_at 2026-04-11T12:55:00Z
10
value 0.00127
scoring_system epss
scoring_elements 0.32097
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6239
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6239
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6239
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074146
reference_id 1074146
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074146
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2293594
reference_id 2293594
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:14:35Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2293594
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
15
reference_url https://access.redhat.com/security/cve/CVE-2024-6239
reference_id CVE-2024-6239
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:14:35Z/
url https://access.redhat.com/security/cve/CVE-2024-6239
16
reference_url https://access.redhat.com/errata/RHSA-2024:5305
reference_id RHSA-2024:5305
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:14:35Z/
url https://access.redhat.com/errata/RHSA-2024:5305
17
reference_url https://access.redhat.com/errata/RHSA-2024:9167
reference_id RHSA-2024:9167
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:14:35Z/
url https://access.redhat.com/errata/RHSA-2024:9167
18
reference_url https://usn.ubuntu.com/6915-1/
reference_id USN-6915-1
reference_type
scores
url https://usn.ubuntu.com/6915-1/
fixed_packages
0
url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2
purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a8zz-dfdm-1uf7
1
vulnerability VCID-yy6j-1h5z-wbgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2
aliases CVE-2024-6239
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yyxy-juya-a3f1
Risk_score3.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2